[00:00.700 --> 00:06.540]  Thank you Ajit for the kind intro and I'm Victor Fang. I'm the CEO of Ancient AI and I'm
[00:07.820 --> 00:13.960]  joining from San Jose, where the company is located. And it's a great honor to be presenting
[00:13.960 --> 00:19.340]  as a keynote at the DEF CON Blockchain Village here. And today I'm going to talk about this
[00:19.340 --> 00:28.100]  most recent, very interesting hack, right, on Twitter. We call it the Twitter Tax Day Disaster.
[00:28.100 --> 00:33.680]  We're going to talk, explain to you the beginning and the end and all the implications to the
[00:33.680 --> 00:42.210]  industry. So first of all, who am I, right? Like Ajit just said, I presented last year,
[00:42.210 --> 00:49.850]  but some of you may be not new here. So I founded Ancient AI in 2018 and like some of the folks in
[00:49.850 --> 00:55.690]  the village, right, I also worked at FireEye Mendiant before and I was very honored to be
[00:55.690 --> 01:02.450]  recognized as the face of FireEye 2017 to now, actually. Yeah. And I say this year,
[01:02.450 --> 01:07.210]  they're still using my face to represent the FireEye. It's a great company. I really,
[01:07.210 --> 01:14.570]  I'm super pleased to see that. And I'm a big AI and machine learning practitioner
[01:14.570 --> 01:22.370]  since 2007. And one of my work is including how to use machine learning to detect the
[01:22.370 --> 01:28.550]  PowerShell exploit that is specifically in the APD32. And I actually have a blog on FireEye,
[01:28.550 --> 01:33.950]  check it out. And also I'm very honored to be able to work with the great engineers and all
[01:33.950 --> 01:40.290]  that and ship the products, the machine learning powered products to our network, endpoint, email
[01:41.030 --> 01:47.410]  in various companies. And also when I'm not solving the cybersecurity problems or blockchain
[01:47.410 --> 01:53.490]  problems, I also play electric guitar, but my teacher told me that I keep my day job yet. So
[01:53.490 --> 01:59.530]  I need your help to help me successful so I can create music. I can spend more time with music.
[01:59.650 --> 02:04.410]  So that's myself. And a little bit about my company, Ancient AI. We are an AI powered
[02:04.410 --> 02:10.150]  blockchain risk and compliance solution company. So the team are mostly from FireEye, Mendiant,
[02:10.150 --> 02:17.310]  McAfee. Then also my co-founder is coming from the internet industry, Yahoo, Pivotal,
[02:17.830 --> 02:23.630]  and we are backed by SIG, Cisco HANA, and Amino Capital. We are also part of the Berkeley
[02:23.630 --> 02:30.350]  Blockchain Accelerator. So yeah, so what's the largest hack in 2020, right? I may ask,
[02:30.350 --> 02:34.350]  when I ask different person, I'm going to get different answers. Some talk about this March
[02:34.350 --> 02:40.410]  hack on T-Mobile. Some talk about this Mario hack in April, right? Those are major hacks.
[02:40.410 --> 02:45.250]  But I think the biggest one, right, at least the one that gets to the mainstream is actually this
[02:45.250 --> 02:52.570]  text they had. It happened only a few weeks ago, right? July 15, 2020. And this is the screenshot
[02:52.570 --> 02:58.490]  of those celebrities, hacker, that being hacked. And this is something I'm going to talk about,
[02:58.490 --> 03:05.030]  drilling into every detail of it. And by the way, we have a contest in progress right now,
[03:05.030 --> 03:09.390]  right? Thanks for Ajit's help, right? So we're running it right now. We're actually in the
[03:09.390 --> 03:15.230]  middle of it. And actually some of the people already submitted the answers. Very cool.
[03:15.230 --> 03:23.630]  And yeah, and then I actually got the honor to be interviewed by the CBS News, right, on this
[03:23.630 --> 03:32.030]  specific incident, right? And yeah, very great to spend 10 minutes with Len Pease, one of my
[03:32.030 --> 03:39.570]  favorite news anchor. And okay, let's get down to it, right? So Twitter hack, it's actually the
[03:39.570 --> 03:45.290]  perfect crime, combining the centralized and decentralized. That's why I found it super
[03:46.670 --> 03:54.730]  intriguing. And if you step back and look at all this, right? We are actually at the boundary of
[03:54.730 --> 04:01.130]  two worlds, right? Centralized, those internet and banks and all that, right? And then decentralized,
[04:01.130 --> 04:06.990]  which is a lot of people here are big fans of blockchain, which is designed to be centralized.
[04:06.990 --> 04:13.850]  And the difference right now as of 2020, right? The centralized world, right? It's well studied,
[04:13.850 --> 04:19.010]  plenty of tools and all that, right? And then the decentralized world, right? In contrast,
[04:19.010 --> 04:24.190]  less study and lack of tools. So when the incident like that happened, right? People
[04:24.870 --> 04:30.290]  focus a lot on those internet, how they're hacking and all that, right? But fewer people
[04:30.290 --> 04:34.310]  actually focusing on what's happening on the blockchain. And that's actually the problem
[04:34.310 --> 04:42.250]  we're trying to solve also. And for this Twitter hack, right? We call it a Nigerian Prince
[04:42.250 --> 04:49.270]  scam 2.0, right? And yeah, so for those of you, I still remember those in the 1990s,
[04:49.270 --> 04:53.670]  those famous scam, right? You get emails or a letter, right? Saying, Hey, I'm Prince
[04:54.590 --> 05:02.550]  of Nigeria, right? And then I'm showing money. If you mail, send me a thousand dollars, I can
[05:02.550 --> 05:07.810]  send you $2,000 back in a few weeks, right? It's actually exactly what happened. The same tactic,
[05:07.810 --> 05:12.110]  right? And it's actually combining the cybersecurity hack, right? So they're social
[05:12.110 --> 05:18.090]  engineers and it's, which is a takeover into the Twitter main tool, right? It's a very typical
[05:18.090 --> 05:23.810]  insider spam, right? And as an outsider, the end user is literally very little you can do.
[05:23.810 --> 05:28.530]  Okay. And the second part is a financial scam. Once they get a hold of your account, right?
[05:28.530 --> 05:35.330]  They actually launched a Bitcoin as a scam using Bitcoin, right? It's actually this Nigerian Prince
[05:35.330 --> 05:40.750]  scam. It's a very famous scam called an advance fee scam, right? And then they leverage those
[05:40.750 --> 05:46.650]  money laundering as we're going to get into details. The timeline, right? Let's look at it,
[05:46.650 --> 05:52.530]  right? There's actually 10 plus Twitter accounts being hacked, right? In only three hours,
[05:52.530 --> 05:58.010]  right? And we summarize it in this nice timeline, right? There's actually three waves,
[05:58.010 --> 06:04.290]  right? The first wave are actually a blockchain industry, right? Finance, Coinbase, and all those
[06:04.290 --> 06:10.350]  celebrities, right? In this blockchain industry, right? And then the second wave starting from 1pm
[06:10.350 --> 06:15.810]  in the middle, right? Elon Musk, Bill Gates, and then Apple and Uber, right? Roughly. They are all
[06:15.810 --> 06:23.070]  in the high tech industry. Then the third wave, the politicians, right? Obama, Joe Biden, and
[06:23.070 --> 06:28.170]  King Wes and all that, right? And they are the third wave being hacked before the show is over.
[06:28.170 --> 06:34.810]  And it's funny to mention that Elon Musk got hacked twice in this wave also. If we look at it,
[06:34.810 --> 06:39.390]  right? It's getting more interesting, right? So the hacker posts the Bitcoin address in Twitter,
[06:39.390 --> 06:42.910]  right? And people start sending money to it, right? And then if you look at this chart,
[06:42.910 --> 06:48.730]  we generate it using our CISO tool, right? You can clearly see that within the 24 hours,
[06:48.730 --> 06:52.110]  right? There's a lot of money movement on the blockchain, right? This is what I say.
[06:52.110 --> 06:59.030]  This is the dark side of the decentralized world, right? Not a lot of people are aware of it
[06:59.030 --> 07:03.590]  because of the lack of tools, right? And then this is exactly what we're trying to help, right?
[07:03.910 --> 07:11.470]  Within 24 hours, actually, the hacker receives those money and starts doing the money laundering,
[07:11.470 --> 07:16.310]  right? And within 24 hours, they wire into six different wallets. We actually have a full
[07:16.310 --> 07:22.050]  detail blocks in our media, okay? And it's funny to mention that there's actually still... we're
[07:22.050 --> 07:31.130]  able to recognize three... there's three victims coming from a known exchanges, right? Are sending
[07:31.130 --> 07:40.510]  money to it, right? And then if we look at a longer time horizon, right? Five days. And then
[07:40.510 --> 07:47.190]  actually, as we predicted on day one, right? The hacker starts to run through the mixers,
[07:47.190 --> 07:51.890]  right? The tumblers, right? To start the money laundering process, right? Those are the hops
[07:51.890 --> 07:56.830]  and splits and jumps, as you can see, right? They actually eventually get into this wasabi mixer.
[07:56.830 --> 08:02.690]  I will spend more time on it later. And there's a quick update, right? I mean, a few days ago,
[08:02.690 --> 08:06.890]  right? You guys are probably already aware of it, right? So those three Twitter hackers are arrested.
[08:06.890 --> 08:11.070]  One of them, I think it's confirmed to be in Florida. Two of them are actually the UK cities
[08:11.070 --> 08:18.130]  and all that. There's a wire article on that, right? And yeah, let's... I mean, let's... this
[08:18.130 --> 08:23.090]  is like a typical Mendian exercise, right? Let's try to attribute this hacker, right? So we actually
[08:23.090 --> 08:28.970]  in day one, right? We launched this block, one of the most in-depth block, right? Investigation
[08:28.970 --> 08:35.490]  reporting industry. So the first one is like, we correlate with some of our threat intel, right?
[08:35.490 --> 08:42.250]  We find out this thing is actually correlated to crypto4health.com, right? And the right-hand side,
[08:42.250 --> 08:46.110]  yeah, this is the first time you guys are seeing it, but internally, we actually analyze more than
[08:46.110 --> 08:50.890]  just blockchain, right? We also analyze the domain registrations and all that in our threat intel
[08:50.890 --> 08:58.370]  database. So we knew that this was actually a US-based server, right? And then we also say,
[08:58.370 --> 09:04.230]  they will predict... they will start a Bitcoin mixer, money laundering, right? This is like
[09:04.230 --> 09:09.930]  how we found the ransomware, right? The WarnerCrypt and all that, right? Back in a few years ago.
[09:10.130 --> 09:14.870]  And then we also say, hey, it's a coordinate crypt, as you can see, right? That timeline is
[09:14.870 --> 09:19.290]  structured in three ways and all that. It's well-planned. It's not a random keep doing the
[09:19.290 --> 09:25.590]  random hacking, right? It's coordinate crypt, but it's less sophisticated than those hacking
[09:25.590 --> 09:30.350]  campaigns I have done with DeWitt before, right? At FireEye Mendiance and all that. Those APT
[09:30.350 --> 09:37.150]  hackers are more sophisticated than these guys. And then one thing we did miss, one prediction we
[09:37.150 --> 09:42.850]  did wrong is actually we told the media, hey, be patient. It may take a few months to arrest them,
[09:42.850 --> 09:48.970]  but actually the law enforcement were able to caught those guys in two weeks, right?
[09:50.190 --> 09:56.070]  And there's a question that I got asked often, right? So why the hackers only make
[09:56.070 --> 10:01.470]  $100,000, right? You think about it. Those most powerful people in the US,
[10:01.470 --> 10:06.270]  right? Their Twitter account got hacked. Why they only make 100K? Why the hacker only make 100K?
[10:06.270 --> 10:11.970]  That's nothing. But okay, if you remember that timeline, right? It's actually the shows only
[10:11.970 --> 10:17.730]  last for three hours, no more than that, right? And then if you divide it by three,
[10:17.730 --> 10:22.990]  that's actually still $36,000 per hour, pretty decent profit that they make, right?
[10:22.990 --> 10:27.750]  So I think thanks to the Twitter team, right? The compromised celebrities and everyone that
[10:27.750 --> 10:33.630]  alerted this hack, right? Including those people that forwarded our research report and some other
[10:33.630 --> 10:39.730]  companies report, right? This is actually the awareness where we can help bring more transparency,
[10:40.270 --> 10:47.810]  bring more light into this dark world. As my interview to Inverse, right? One of the
[10:47.810 --> 10:53.570]  New York based media, right? Humans are always the weakest link, as you can see again here,
[10:53.570 --> 10:58.230]  right? The threat vector is, again, is getting the human, getting the internal infrastructure
[10:58.230 --> 11:09.550]  and then compromise the entire Twitter admin tool, right? And this is exactly why our company,
[11:09.550 --> 11:13.090]  so we can act faster and be more preventive.
[11:14.130 --> 11:18.150]  Oh, okay. So let's get to the second section here, right? So I want to talk about some cool
[11:18.150 --> 11:22.310]  technology in the blockchain security and would like to pick this one. I think this is the most
[11:22.310 --> 11:28.810]  exciting technology advancement, right? SpaceX send us the Dragon Crew, right? They sent two
[11:28.810 --> 11:38.550]  astronauts to the ISS, super cool. And then look at the Earth, right? From the space,
[11:38.550 --> 11:46.150]  actually, you cannot see any border, okay? And actually, the human, right, create maps
[11:46.150 --> 11:53.350]  so we can navigate. This is exactly what nChain AI try to achieve, right? We create blockchain
[11:53.350 --> 11:59.970]  maps for this massive centralized world, so your business can navigate. For example,
[11:59.970 --> 12:05.670]  we are trying to identify which one are the exchanges, which one is the OTC and miner and
[12:05.670 --> 12:11.490]  hackers and all that, so we can make transaction more safely, more securely in this decentralized
[12:11.490 --> 12:22.110]  world. Then look at this world, right? That's $8 billion. Actually, only 1% of the money laundering
[12:22.110 --> 12:28.570]  are in cryptocurrency based on FATAP. FATAP is the organization defining the anti-money laundering
[12:28.570 --> 12:34.750]  standards and all that based in Europe, okay? So three typical, three steps, right? In any money
[12:34.750 --> 12:39.570]  laundering, including this one, okay? Including the Bitcoin and cryptocurrency and all Tether,
[12:39.570 --> 12:45.890]  stablecoins and all that. Three steps, placement, layering and integration, right? And we have done
[12:45.890 --> 12:51.530]  some investigation, including this Twitter hack one, right? And then actually, the hackers are
[12:51.530 --> 13:00.710]  actually, they use this technology, right? This money laundry in cryptocurrency technology being
[13:00.710 --> 13:06.890]  used by many, many other bad actors, like ransomware, people are selling their breach data
[13:06.890 --> 13:13.550]  on dark webs and all that. And this is a super challenging task, right? That's why we haven't
[13:13.550 --> 13:18.670]  seen any company have done that yet, right? One of the challenges is actually we have over 500
[13:18.670 --> 13:23.990]  million addresses out there in the blockchain world and it's growing like crazy, right? And then
[13:23.990 --> 13:29.110]  if you make a comparison, right? This is where I live, right? In San Francisco Bay Area, a satellite
[13:29.110 --> 13:35.710]  map, right? Without putting those landmarks and all that, right? Like what usually you are seeing
[13:35.710 --> 13:39.730]  the map, right? Or putting the highways or buildings and all that. It's really hard to
[13:39.730 --> 13:45.050]  figure out what's going on there, right? And then the same thing, right? The Bitcoin UTXO
[13:45.050 --> 13:50.590]  transaction graph looks like the right hand side, right? And there's a 500 million vertices there.
[13:50.590 --> 13:56.250]  And it's going to get to billions real quick, right? Because we have many other blockchain
[13:56.250 --> 14:01.950]  coming up. Exelium is doing pretty well recently and there's other, like for example, those tokens
[14:01.950 --> 14:06.330]  are running on top of Exelium and all that, right? It's getting more and more challenging.
[14:07.370 --> 14:11.230]  And our solution to this, right? And I think this is a blockchain mapping is the
[14:11.690 --> 14:18.550]  best way to do it, right? There's three specific technology feature where a technology problem
[14:18.550 --> 14:24.030]  is solving, right? One is pseudonymity, right? We're using the threat intel UEBAs and all that.
[14:24.030 --> 14:29.390]  We try to figure out the behavior of the address. Then the second one we deal with
[14:29.390 --> 14:35.010]  is the massive data volume, right? We're left with big data cloud and GPU, right? Some of the
[14:35.010 --> 14:41.050]  models are running on deep learning. Then complex graph transaction relationship, right? That's
[14:41.050 --> 14:47.230]  where we actually develop AI and UX focused investigation tool that we will talk about.
[14:47.230 --> 14:51.850]  And actually some people in the room are already using that CISO product, right?
[14:52.590 --> 14:57.390]  Then our machine learning connect to more than 10 different blockchains, right? And as promised,
[14:57.390 --> 15:02.110]  I'm going to put one equation here. And this is the only equation in this entire slide, right? So
[15:02.110 --> 15:07.590]  one of the model is using deep learning, right? To try to figure out exactly the same technology
[15:07.590 --> 15:12.130]  being used by AlphaGo, AlphaStar, the self-driving car and all that. We're trying to figure out
[15:12.130 --> 15:20.130]  giving kinds of transactions of an address. Can we figure out the behavior of it, right?
[15:20.130 --> 15:27.630]  Then yeah, just to make an analogy here, right? 500 million blockchain addresses, right? It's like
[15:27.630 --> 15:33.470]  what the map is our intelligence we're creating. The bank, right? That on the landmark, right?
[15:33.470 --> 15:40.410]  They are similar to reputable exchanges like Coinbase and all those top exchanges that are
[15:40.410 --> 15:47.630]  more focusing on compliance and regulation, right? And car accident, right? Those bad incidents and
[15:48.150 --> 15:54.150]  those are the suspicious actors that we reflect on the right-hand side here. And that's what the
[15:54.150 --> 15:59.270]  goal we're trying to achieve. We're trying to make it more transparent so we can navigate more
[15:59.270 --> 16:05.670]  securely and safely. Okay, let's do a little bit of a pop quiz, right? Yeah, who can tell me what
[16:05.670 --> 16:12.130]  is this? This is one of the typical Bitcoin address, right? What is it? It's hard to see,
[16:12.130 --> 16:19.910]  all those nonsense letters. Well, and then if you open and putting this address in any of the
[16:19.910 --> 16:24.690]  blockchain explorers and all that, right? This is what you're going to see, okay? It's a wealthy
[16:24.690 --> 16:30.030]  and probably still active Bitcoin wallet, right? That's usually this is what you can get, right?
[16:30.470 --> 16:38.050]  And it started at what? 2017, right? If that's a hint to you. It turns out, okay, it's actually
[16:38.230 --> 16:44.230]  a WannaCry ransomware. One of the few wallets that they embedded into their ransomware,
[16:44.230 --> 16:51.390]  right? I think some of you probably are exploring in ransomware and all that. And this is actually
[16:51.390 --> 16:56.190]  one of the screenshot we get from the FireEye sandbox, right? This is that exact screenshot
[16:56.190 --> 17:02.730]  what pops up when you got infected by WannaCry. That little address, see that? That's the 12T9
[17:02.730 --> 17:06.850]  is exactly what the hackers are using for receiving the ransom.
[17:07.930 --> 17:14.890]  Okay, so we have been building this intelligence database in the last two years, right? And then,
[17:14.890 --> 17:19.410]  yeah, so when you're plugging, we're trying to tell you, okay, this is actually the ransomware
[17:19.410 --> 17:25.510]  which even tells you the family, the WannaCry and all that. And most importantly, if you're
[17:25.510 --> 17:30.070]  running a crypto business, right? We will tell you, hey, do not transact with this guy, right?
[17:30.070 --> 17:35.550]  Reflect as the highest risk score, 100, right? Do not transact. If you make transaction with this
[17:35.550 --> 17:42.190]  guy, Boeing Forceman is going to come to you. And they are equipped with threat and intelligence
[17:42.190 --> 17:50.270]  tool these days. And actually, that's a good thing, right? So, and then, so that's exactly
[17:50.270 --> 17:56.350]  why we are launching this tool, right? For free, right? We're trying to democratize blockchain
[17:56.350 --> 18:02.330]  investigation. Other than paying $100,000 to buy some of the expensive commercial tool,
[18:02.330 --> 18:08.090]  right? We feel like we need to lower the barrier of entry. We need to make this tool more available
[18:08.090 --> 18:16.110]  to everybody, right? So, we can actually help this industry obtain X. So, by the way, as we're
[18:16.110 --> 18:20.630]  speaking, right? We actually just launched the second challenge in the same website, right? So,
[18:20.630 --> 18:27.370]  now you should see the button, right? Being activated. So, the second challenge is the
[18:27.370 --> 18:35.430]  WannaCry ransomware challenge. Okay. And so, let's drill down a little bit deeper, right?
[18:35.430 --> 18:41.350]  What is a Bitcoin mixer, right? Maybe, I mean, some of you are already using it or very familiar
[18:41.350 --> 18:50.610]  with it, right? Basically, as of now, right? It's the most popular Bitcoin mixer in the world,
[18:51.450 --> 18:55.950]  algorithm, right? There's a paper published a few years ago explaining the details of it,
[18:55.950 --> 19:00.690]  right? And then we believe that the Twitter hackers are actually using Wasabi, right? It's
[19:00.690 --> 19:05.030]  hard to tell, right? Because they keep shuffling around the wallets and address and all that. But
[19:05.030 --> 19:11.310]  then in the mixer, right? But then based on the machine learnings and all that, we can actually
[19:11.310 --> 19:18.990]  see the similarity of the transactions, right? They're using to the existing behavior training
[19:18.990 --> 19:27.150]  base we already have. Okay. So, as a human, right? If you're seeing transactions like this,
[19:27.150 --> 19:35.630]  right? It's very hard to figure out what that is, right? It's just one of the many UTXO transactions,
[19:35.630 --> 19:40.010]  right? You have some sudden behavior tracing there, right? That's why we can leverage machine
[19:40.010 --> 19:44.770]  learning. But it's still hard to say because some exchanges, especially the mainstream exchanges,
[19:44.770 --> 19:52.430]  will use similar technology like this also, right? And by the way, it is a Wasabi transaction,
[19:52.430 --> 19:59.390]  okay? We have detected over 700,000 of similar transactions like this,
[19:59.390 --> 20:04.370]  and that's only on the 2020, okay? And out of the 54 million total transactions.
[20:05.970 --> 20:10.730]  How machine learning detects this, right? So, this is one of... we're going to share with you
[20:10.730 --> 20:15.210]  some of the best models we built in our auto machine learning pipeline, right? This is the
[20:15.210 --> 20:19.750]  gradient boosting tree model we built, right? This is just an illustration of it. We have a thousand
[20:19.750 --> 20:25.330]  trees model, super accurate, that we trained from all this curated transaction data, right?
[20:25.550 --> 20:31.370]  And for example, on the left-hand side, that's one of the real... that's the Twitter hack transaction,
[20:31.370 --> 20:36.670]  right? And then some of them are actually... our model predicts as a high probability of being a
[20:37.390 --> 20:43.330]  because they have those certain characteristics of the Bitcoin mixer,
[20:44.570 --> 20:51.590]  right? And how machine learning can help, right? We have built thousands of those machine learning
[20:51.590 --> 20:57.550]  models, right? To specifically detect every behavior. For example, mixer is a big one.
[20:57.550 --> 21:02.570]  Exchange, hackers, and bots, right? We talked about bots last year, right?
[21:02.570 --> 21:07.590]  And then there's actually whatever you can find on the internet, the decentralized world,
[21:07.590 --> 21:13.250]  you can also find the equivalent party, the decentralized world. That's very interesting.
[21:14.390 --> 21:20.090]  Can we prevent this, right? I think it's totally feasible if we equip with the right technology,
[21:20.090 --> 21:25.890]  right? And like Coinbase, right? Coinbase did a great job, incident response, right? And then
[21:25.890 --> 21:33.350]  as Phil Martin presented to the Forbes, right? So I think, yeah, they were able to block them
[21:33.350 --> 21:39.850]  when this thing is just starting to happen, right? So thanks for doing that Coinbase, I think. And
[21:39.850 --> 21:45.910]  more exchanges should follow this pattern, right? Equip with the right technology, the right experts,
[21:45.910 --> 21:56.680]  block all these bad transactions, protect this entire blockchain ecosystem, right?
[21:56.680 --> 22:04.180]  Oh, I know some of the other companies, right? They kind of think about privacy in a different
[22:04.180 --> 22:08.680]  way, right? But our perspective, NCHI's perspective on the privacy on blockchain,
[22:08.680 --> 22:15.560]  right? Privacy should always be protected as well, okay? But there's a big distinction, right?
[22:15.560 --> 22:22.320]  Between this NCHI blockchain mapping versus other surveillance, right? We don't call our
[22:22.320 --> 22:29.340]  surveillance, we are mapping the blockchain world. We only get down to the behavior level,
[22:29.340 --> 22:34.400]  so that's like, what is it, right? So for example, I'm telling, okay, this address is a bank,
[22:34.400 --> 22:40.100]  it's a post office, that's it, right? Not to the individual level, that's a huge difference.
[22:40.100 --> 22:46.600]  We're not trying to breach the customer privacy, we're not trying to identify the individual level,
[22:47.140 --> 22:53.920]  and public intelligence, all of the intelligence are coming from public resources that we got,
[22:53.920 --> 22:59.140]  right? Then, don't be evil, right? Never monetize on the customer's privacy data,
[22:59.140 --> 23:04.520]  right? And focus on malicious addresses for the risk purpose, right? The whole business here,
[23:04.520 --> 23:16.560]  we're trying to make blockchain more secure to transact, that's on the privacy. And then,
[23:16.560 --> 23:22.880]  Twitter hack is actually defining a new chapter of the blockchain world in 2020. This is what I
[23:22.880 --> 23:27.260]  call the end of the beginning, I want to call Winston Churchill, one of my favorite characters,
[23:27.260 --> 23:35.340]  right? This is the end of the beginning. Why do I say that, right? We are entering a new chapter.
[23:35.920 --> 23:44.320]  Before this, right? I mean, Bitcoin shows up in 2009, right? And all the way until today.
[23:44.320 --> 23:50.380]  It's still a great area, especially in the regulatory compliance side, right? A different
[23:50.380 --> 23:55.400]  country, a different opinion on it, SEC still haven't figured out what really cryptocurrency
[23:55.400 --> 24:01.240]  is. Is it a security, a currency, or asset, or whatever, a commodity? They haven't figured it
[24:01.240 --> 24:09.280]  out yet, right? But going forward, right? 2020 and beyond, they are already spending a lot of
[24:09.280 --> 24:16.100]  effort in defining this, to bring more regulatory compliance, providing guidelines on the VASP,
[24:16.100 --> 24:21.820]  right? The Virtual Asset Service Provider. For example, FADA, the AML, the company,
[24:21.820 --> 24:26.920]  at that organization, they're defining the standard for anti-money laundry, right? FADA
[24:26.920 --> 24:35.020]  and OCC, this is the bank regulator body in US. ISACA and SEC think about that.
[24:38.300 --> 24:40.140]  Is there a question?
[24:43.180 --> 24:47.920]  And then the community is going to help more transparency, right? And when I look at this,
[24:47.920 --> 24:56.840]  this industry, right? The moment it got acquired for blockchain adoption.
[25:01.160 --> 25:02.760]  Is there a question on the line?
[25:06.360 --> 25:13.020]  10x growth, right? Only happens when more blockchain adoption to the mainstream. And if we allow those
[25:13.020 --> 25:19.100]  hackers are using Bitcoin and cryptocurrency, the long-term funding and all that, this industry
[25:19.100 --> 25:26.940]  is going to fail, or it's going to stay like this, right? So that's why we need to...
[25:28.020 --> 25:32.720]  I mean, some of you actually doesn't look like working with the government bodies and all that,
[25:32.720 --> 25:37.420]  but I think this is actually helpful to make this industry grow 10x.
[25:39.060 --> 25:44.500]  And what's next, right? After this Twitter hack 2020, I think there's three things,
[25:44.500 --> 25:51.700]  three aspects to it. Awareness. Blockchain needs us to work as a community to fight
[25:51.700 --> 25:59.620]  all this illicit use of cryptos. The technology side. One of the main reasons that a lot of
[25:59.620 --> 26:06.980]  exchanges are still accepting those longer bitcoins or cryptocurrency stable coins and all
[26:06.980 --> 26:13.220]  that, right? It's actually because they lack of the technology, right? And then technology,
[26:13.220 --> 26:18.960]  as we are showing already, is making it possible to defend against those illicit use of cryptos,
[26:18.960 --> 26:25.160]  especially with machine learning and AI, right? So we have, like I said, we have almost 800,000
[26:25.160 --> 26:32.740]  transactions using Wasabi, the mixer, in 2020. Some of them are good, some of them are bad,
[26:32.740 --> 26:37.920]  but at least we need to picture it. We need to kind of tell you, okay, it's actually a mixer.
[26:37.920 --> 26:42.300]  And then different countries, different exchanges have different policies against it, right?
[26:42.300 --> 26:47.960]  Compliance bodies also have different ways of defining it, right? For example, earlier this
[26:47.960 --> 26:57.100]  year, Binance, they got caught up by the Singapore MAS, right? The Singapore MAS is
[26:57.100 --> 27:01.840]  their regulatory body, like the SEC, right? Singapore. And then they kind of tell Binance,
[27:01.840 --> 27:09.560]  hey, you cannot accept mixer if they're coming into exchange, right? Things are still starting
[27:09.560 --> 27:16.180]  to change, right? So government has also realized that, okay, this cryptocurrency is going to be
[27:16.180 --> 27:21.520]  getting more and more mainstream, right? How do we make it secure for everybody,
[27:21.520 --> 27:27.460]  so more people can enjoy this great technology? And on the risk and security side, compliance side,
[27:27.460 --> 27:35.060]  technology is also a big factor to it, right? It can be applied to preventive or post-incident,
[27:35.060 --> 27:41.020]  right? Then the third one, regulatory compliance guideline from the public sector, right? FATF,
[27:41.020 --> 27:47.880]  OCC, SEC, and things like that, and 5AMLB, right? That's from the European side.
[27:49.460 --> 27:59.220]  Then, yeah, and then so I'm very fascinated by this SpaceX, right? That Dragon Crew, right? So
[27:59.220 --> 28:05.740]  and then we compared it to this Boeing Starliner on the left-hand side. I call it pre-2020,
[28:05.740 --> 28:10.540]  but then I decided to put another pre because this is a super vintage. If you look at the
[28:10.540 --> 28:17.100]  dashboard, man, this is crazy, and how it's going to navigate. There's like hundreds of buttons
[28:17.100 --> 28:23.500]  out there, right? If you look at our right-hand side, in contrast, right? Yeah, this is actually
[28:23.500 --> 28:30.340]  the design that SpaceX had, right? So make super sleek, super easy to navigate, right? It's spent
[28:30.480 --> 28:36.340]  a lot of time on the user experience, the UX side of it, right? To really make it accessible.
[28:36.340 --> 28:44.980]  And this is also, I feel, is important, right? If very few people can only use very few tools
[28:44.980 --> 28:50.840]  to get access, to understand what blockchain is, right? And that is a big problem for the industry,
[28:50.840 --> 28:55.680]  right? Think about it, like the internet, right? We're using internet every day, right?
[28:56.360 --> 29:01.380]  But on the blockchain side, look at it. How many tools do you use? If the blockchain explorer, yeah,
[29:01.380 --> 29:07.060]  those are only good, those are like Wireshark, right? But then you have to have something more
[29:07.060 --> 29:14.220]  accessible, more user-friendly for them. Even to look at those, this blockchain investigation
[29:14.220 --> 29:20.980]  side of it, right? It can actually help you understand more of what's happening. And I think
[29:20.980 --> 29:29.380]  that the general public, right, need to have a tool like that. Then, okay, so this is towards
[29:29.380 --> 29:33.520]  the end of my talk, right? So as I said, right, as of now, we actually just launched the second
[29:33.520 --> 29:37.860]  set of the challenge, right? Join the contacts right now. It's going to last until tomorrow
[29:37.860 --> 29:43.600]  night, midnight, right? So you still have plenty of time. This whole challenge, as I promised,
[29:43.600 --> 29:48.860]  is no code. You don't have to code up anything. The only thing you need is go to the website and
[29:48.860 --> 29:55.920]  put those address there and then start clicking, start exploring, right? But as you know, as an
[29:55.920 --> 30:00.460]  analyst, a researcher, you still have to have some expertise in that. But I mean, at the bare
[30:00.460 --> 30:06.320]  minimum, you don't need any technical skills to be able to enjoy this technology, right? And
[30:06.320 --> 30:11.700]  that's actually the main thesis when I talk to my team, right? This is one of the design principles
[30:11.700 --> 30:18.780]  I want the engineer, the designer to build, right? To build into our DNA of the product,
[30:18.780 --> 30:25.100]  right? And then, so we allocate over a thousand dollars worth of Bitcoin price, right? And so
[30:25.100 --> 30:30.020]  we're in the middle of it. So the first set of the challenge was the Twitter hack, right? So you
[30:30.020 --> 30:37.020]  can actually experience, you can be a detective yourself. Open the website, the contacts, right?
[30:37.020 --> 30:42.900]  And then, yeah, check it out. And then now we are launching a second set of the challenge, which is
[30:42.900 --> 30:54.900]  the ransomware that I just showed you. So that's the end of my talk. And yeah, so we got about
[30:55.560 --> 31:01.200]  40 minutes and half an hour, 20 minutes. So Ajit, so we have a Q&A time.
[31:09.150 --> 31:13.570]  And by the way, this is the website, right? This is the blockchainviz.net contest.
[31:16.950 --> 31:55.790]  Okay, go ahead. Any questions? How many of you have tried the contest already?
[31:55.790 --> 32:29.980]  What do you guys think? Any thoughts? Any feedbacks?
[32:30.260 --> 32:37.280]  Yeah, let's see. Oh,
[32:39.200 --> 32:45.800]  ah, I see. So there's a streaming on Twitch and also YouTube.
[32:50.280 --> 33:31.720]  All right, okay. Okay, yeah. Right, right. Yeah, actually I can see that there's already a few
[33:31.720 --> 33:36.240]  submissions, right? And then, yeah, so some of them already got it right, right? I think, yeah,
[33:36.240 --> 33:42.800]  the first set of the challenge, right? Yeah, so we do have a pretty intelligent cloud in the room
[33:42.800 --> 33:50.020]  here. But let's see. We still have, what, how many hours? We have one and a half days, right,
[33:50.020 --> 33:54.420]  ahead now. So we just launched the second set of the challenge, right? So check it out. And
[33:54.420 --> 33:59.140]  yeah, it's fun. And there's no any feedback and all that, right? So we're actually
[33:59.900 --> 34:04.460]  expecting a lot of, we actually saw a lot of traffic going to the website and we'll just
[34:04.460 --> 34:08.780]  upgrade the server and all that, right? So hopefully we can handle the traffic and all that. And
[34:09.560 --> 34:15.640]  yeah, so thanks a lot for participating in the contest. And let's see which one's going to be a
[34:15.640 --> 34:29.830]  winner. And it's fun. And it's fun that you can actually see those, you can become an investigator,
[34:29.830 --> 34:34.930]  and all this intelligence and all that are already publicly available in the public ledger,
[34:34.930 --> 34:40.170]  Bitcoin, which is great. We just need a tool to tap into it to make it more accessible.
[35:05.440 --> 35:09.000]  All right, cool. Thank you, Ajit. Thank you, everyone. Bye-bye.
[35:13.420 --> 35:15.660]  Thank you, Ajit. Thank you, everyone. Bye-bye.
